[CORE-2477] Add support for encrypted staff notes - Blesta

Paul Phillips created issue - 28/Sep/17 2:07 PM

Paul Phillips made changes - 28/Sep/17 2:07 PM

Field	Original Value	New Value
Component/s		Staff Interface [ 10000 ]

Paul Phillips made changes - 15/Aug/18 5:45 PM

Description

This task requires CORE-2334

Allow staff to create private encrypted notes. If an RSA key has been generated, use the public key to encrypt notes. If no key has been generated, display a warning that notes will not be encrypted unless an RSA public private keypair is generated.

* Location of notes could be in a widget on the Dashboard, but open to discussion about placement
* We should be able to tell if a note is encrypted or not, and whether a passphrase is set
* When viewing a note that is encrypted with a passphrase, you must enter the passphrase before it will be descrypted and displayed
* Notes should be similar to client notes, except a detail box will always be shown and not hidden
* Note subjects will not be encrypted, so that they can be displayed in a table
* Store the date the note was created, and last updated
* When viewing a note that is encrypted with a passphrase, show the passphrase box instead of the detail box. When the correct passphrase is entered, display instead the details box with contents decrypted.

This task requires CORE-2476

Allow staff to create private encrypted notes. If an RSA key has been generated, use the public key to encrypt notes. If no key has been generated, display a warning that notes will not be encrypted unless an RSA public private keypair is generated.

* Location of notes could be in a widget on the Dashboard, but open to discussion about placement
* We should be able to tell if a note is encrypted or not, and whether a passphrase is set
* When viewing a note that is encrypted with a passphrase, you must enter the passphrase before it will be descrypted and displayed
* Notes should be similar to client notes, except a detail box will always be shown and not hidden
* Note subjects will not be encrypted, so that they can be displayed in a table
* Store the date the note was created, and last updated
* When viewing a note that is encrypted with a passphrase, show the passphrase box instead of the detail box. When the correct passphrase is entered, display instead the details box with contents decrypted.

Paul Phillips made changes - 15/Aug/18 6:34 PM

Description

This task requires CORE-2476

Allow staff to create private encrypted notes. If an RSA key has been generated, use the public key to encrypt notes. If no key has been generated, display a warning that notes will not be encrypted unless an RSA public private keypair is generated.

* Location of notes could be in a widget on the Dashboard, but open to discussion about placement
* We should be able to tell if a note is encrypted or not, and whether a passphrase is set
* When viewing a note that is encrypted with a passphrase, you must enter the passphrase before it will be descrypted and displayed
* Notes should be similar to client notes, except a detail box will always be shown and not hidden
* Note subjects will not be encrypted, so that they can be displayed in a table
* Store the date the note was created, and last updated
* When viewing a note that is encrypted with a passphrase, show the passphrase box instead of the detail box. When the correct passphrase is entered, display instead the details box with contents decrypted.

This task requires CORE-2476

Allow staff to create private encrypted notes. If an RSA key has been generated, use the public key to encrypt notes. If no key has been generated, display a warning that notes will not be encrypted unless an RSA public private keypair is generated.

* Location of notes could be in a widget on the Dashboard, but open to discussion about placement
* We should be able to tell if a note is encrypted or not, and whether a passphrase is set
* When viewing a note that is encrypted with a passphrase, you must enter the passphrase before it will be descrypted and displayed
* Notes should be similar to client notes, except a detail box will always be shown and not hidden
* Note subjects will not be encrypted, so that they can be displayed in a table
* Store the date the note was created, and last updated
* When viewing a note that is encrypted with a passphrase, show the passphrase box instead of the detail box. When the correct passphrase is entered, display instead the details box with contents decrypted.

NOTE! Client Notes are stored in client_notes table, so maybe this should be admin_notes? Also, it would be nice to have an option on client_notes to encrypt those also. In many cases, I have client notes that I want to encrypt and having them linked to the client is important.

Paul Phillips made changes - 15/Aug/18 6:35 PM

Description

This task requires CORE-2476

Allow staff to create private encrypted notes. If an RSA key has been generated, use the public key to encrypt notes. If no key has been generated, display a warning that notes will not be encrypted unless an RSA public private keypair is generated.

* Location of notes could be in a widget on the Dashboard, but open to discussion about placement
* We should be able to tell if a note is encrypted or not, and whether a passphrase is set
* When viewing a note that is encrypted with a passphrase, you must enter the passphrase before it will be descrypted and displayed
* Notes should be similar to client notes, except a detail box will always be shown and not hidden
* Note subjects will not be encrypted, so that they can be displayed in a table
* Store the date the note was created, and last updated
* When viewing a note that is encrypted with a passphrase, show the passphrase box instead of the detail box. When the correct passphrase is entered, display instead the details box with contents decrypted.

NOTE! Client Notes are stored in client_notes table, so maybe this should be admin_notes? Also, it would be nice to have an option on client_notes to encrypt those also. In many cases, I have client notes that I want to encrypt and having them linked to the client is important.

This task requires CORE-2476

Allow staff to create private encrypted notes. If an RSA key has been generated, use the public key to encrypt notes. If no key has been generated, display a warning that notes will not be encrypted unless an RSA public private keypair is generated.

* Location of notes could be in a widget on the Dashboard, but open to discussion about placement
* We should be able to tell if a note is encrypted or not, and whether a passphrase is set
* When viewing a note that is encrypted with a passphrase, you must enter the passphrase before it will be descrypted and displayed
* Notes should be similar to client notes, except a detail box will always be shown and not hidden
* Note subjects will not be encrypted, so that they can be displayed in a table
* Store the date the note was created, and last updated
* When viewing a note that is encrypted with a passphrase, show the passphrase box instead of the detail box. When the correct passphrase is entered, display instead the details box with contents decrypted.

NOTE! Client Notes are stored in client_notes table, so maybe this should be staff_notes? Also, it would be nice to have an option on client_notes to encrypt those also. In many cases, I have client notes that I want to encrypt and having them linked to the client is important.

Paul Phillips made changes - 20/Aug/20 1:15 PM

Comment

[ When creating a note, we should have an option to set a passphrase. If no passphrase is set, we would still encrypt the contents, but no passphrase would be required and the content should be decrypted on the fly. If there is a passphrase set, then we request the passphrase before decrypting and displaying the notes. ]

Add support for encrypted staff notes

Details

Description

Activity

People

Dates

Agile